1 Introduction
1.1 PortSwigger Ltd is the entire legal and beneficial owner and licensor of:
(a) the 'Burp Suite DAST' software products and services (previously known as Burp Suite Enterprise Edition) (DAST Software); and
(b) the 'Burp Suite Professional' software products and services (Pro Software).
1.2 The terms and conditions set forth in this end user licence agreement (EULA) govern Your purchase of DAST Software and Pro Software. References in these terms and conditions to Software shall mean either DAST Software and / or Pro Software, depending on the selection(s) made in Your completed order form (Order).
1.3 Before completing Your Order, please carefully read the terms and conditions of this EULA, and any other applicable documentation supplied by Us to assist with Your subscription (including any user and system administrator guides, manuals, functionality specifications and online terms) (Documentation).
1.4 This EULA, Your Order and the Documentation will together comprise Your contractual agreement with PortSwigger governing Our provision of and Your licence subscription for the Software (Agreement). Only where it is indicated in Your Order that You are licensed to resell the Software, You are permitted to do so under the terms set out in Addendum A (Reseller Terms) and in such circumstances, Addendum A (Reseller Terms) also forms part of the Agreement.
1.5 The capitalised terms We, Our, Us or PortSwigger used in this EULA shall mean PortSwigger Ltd. Any notices given by You to Us pursuant to clause 15.1 must be emailed to office@portswigger.net, or posted to PortSwigger Ltd, 6 Booths Park, Chelford Road, Knutsford, United Kingdom WA16 8ZS.
1.6 Subject to clause 6.1, We are willing to license the individual, company or legal entity named in the Order (You, Your or Customer) to use the relevant Software pursuant to Your subscription in accordance with the terms and conditions of the Agreement, which will prevail over and to the exclusion of any other written or implied terms You may seek to impose regarding the Software.
1.7 The Agreement, and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims), shall be governed by and construed in accordance with the laws of England and Wales. Either party may refer any dispute or claim arising out of or in connection with the Agreement or its subject matter or formation (including non-contractual disputes or claims) for final resolution via arbitration. Such arbitration will be governed under the LCIA Rules (which Rules are deemed to be incorporated by reference into this clause 1.7). The number of arbitrators will be one (1); the seat, or legal place, of arbitration will be London, England; and the language to be used in the arbitral proceedings will be English.
1.8 Save to the extent expressly stated otherwise, the Agreement does not give rise to any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of the Agreement, and the rights of the parties to rescind or vary the Agreement shall not be subject to the consent of any person.
1.9 The parties acknowledge that the covenants stated in the Agreement are intended solely for the benefit of the parties, their successors and permitted assigns. Nothing herein, whether express or implied, shall confer upon any person or entity, other than the parties, their successors and permitted assigns, any legal or equitable right whatsoever to enforce any provision of the Agreement.
1.10 In the case of a conflict or ambiguity between the terms and conditions of this EULA, Your Order and the Documentation, the terms and conditions of this EULA (including its Addenda) will prevail save to the extent that any such terms or conditions are expressly varied in Your Order.
1.11 The Agreement will take effect upon Your receipt of an email from Us confirming acceptance of Your Order, and continue until the earlier of: (i) termination of the Agreement; or (ii) expiry of the subscription term specified in Your Order (Order Term). The subscription term specified in Your Order is the Commitment Term.
1.12 Unless the context expressly requires otherwise, the Agreement will apply in respect of any use by You of the Software, whether pursuant to:
(a) Your licence subscription as purchased under an Order, whether payable by You in advance, on credit (where pre-approved by Us in writing) or in arrears (where variable usage-based fees apply pursuant to clause 4.1);
(b) Your free trial, free training licence or free download, as may be made available by Us to You free of charge from time to time under an Order; or
(c) Your resale of any licence subscriptions for the Software in accordance with Addendum A (Reseller Terms), to the extent it forms part of the Agreement pursuant to clause 1.4.
1.13 Interpretation. Clause, sub-clause, paragraph and Addendum headings will not affect the interpretation of these terms. References to clauses, paragraphs and Addenda are to the clauses, paragraphs and Addenda of this EULA. Subject to clause 1.4, the Addenda form part of the Agreement and shall have effect as if set out in full in the body of the Agreement, and any reference to the Agreement includes its Addenda. Unless the context requires otherwise: (i) words in the singular include the plural and in the plural include the singular; (ii) reference to a statute or statutory provision is a reference to it as amended, extended or re-enacted from time to time; (iii) a reference to one gender includes a reference to the other genders; (iv) a reference to a person includes a natural person, corporate or unincorporated body (whether or not having separate legal personality) and that person's personal representatives, successors and permitted assigns; and (v) any words following the terms "including", "include", "in particular", "for example" or any similar expression shall be construed as illustrative and shall not limit the sense of the words, description, definition, phrase or term preceding those terms. A reference to "writing" or "written" excludes fax but includes email.
2 Licence
2.1 Grant of licence. In consideration of Your payment to Us of the fees specified in Your Order (Fees), We grant to You a non-exclusive, non-transferable licence, during the Order Term to use, in accordance with the terms of the Agreement:
(a) the Software in object code form only, solely for Your internal business purposes; and
(b) the Documentation as required to support Your use of the Software pursuant to 2.1(a).
2.2 Sub-licensing and third-party rights.
(a) For the purposes of the Agreement, Affiliate means, in relation to either party, a member of the same Group (and Group means, in relation to any company, any other person or entity that (i) has the ability to control or direct - directly or indirectly - the board, executive body, decision-making process or management of an entity by virtue of ownership, right of appointment, right to control election or appointment, voting rights, the ability to control the exercise of voting rights, management agreement or any other agreement (Controls), (ii) is Controlled by, or (iii) is under common Control with such company).
(b) You may sub-license the rights granted to You under clause 2.1 to Your Affiliates under the terms of the Agreement, provided that You will remain liable for the payment of all Fees and for any breach of the Agreement by an Affiliate. Without prejudice to the foregoing and clause 2.1(a), You shall not: (i) sub-license, assign or novate the benefit or burden of this licence in whole or in part; (ii) allow the Software to become the subject of any charge, lien or encumbrance; or (iii) deal in any other manner with any or all of Your rights and obligations under the Agreement, without Our prior written consent (such consent not to be unreasonably withheld or delayed).
(c) We may sub-license, assign, novate, charge or deal in any other manner with any or all of Our rights and obligations under the Agreement at any time.
2.3 Usage scope and restrictions. Except as otherwise expressly set out in the Agreement or permitted by applicable local laws:
Types of Software use available
(a) Your Order will specify whether You have purchased hosted or self-hosted Software. DAST Software is available on a hosted or self-hosted basis, each as described below. Pro Software is available on a self-hosted basis.
(b) For Hosted Software, software products and related services are hosted by Us and delivered to You as a licensed service that We grant You access to.
(c) For Self-Hosted Software, software products and related services are hosted by You on Your own individual computer(s), by using the login details and download instructions for the relevant Software and its licence key that We will provide to You as described in clause 3. To install Self-Hosted Software on Your computer(s), in each case You will need an internet connection and You must activate the Self-Hosted Software in accordance with the terms and conditions (including any limits on the number of permitted individual activations) as We may specify in Your licence(s) (Activation).
Restrictions on use
(d) You shall not use (nor allow to be used) the Software and Documentation for any unlawful, unauthorised or irresponsible purposes, including use of the Software to scan sites and/or systems which You do not have permission to scan.
(e) You acknowledge that the Software contains functionality that can be used to attack and compromise computer systems, and that You shall be responsible for all losses, costs, liabilities or other damages incurred by Us in connection with any claim brought by a third party in connection with a breach by You of this clause 2.3. In particular, You will not, nor facilitate or allow others to, carry out the following prohibited activities:
(i) use any Hosted Software:
(A) in any manner which unduly burdens or overloads Our systems and/or impacts other users of DAST Software;
(B) where You have elected Our subscription model under which You will pay Fees in advance to access the Hosted Software for an unlimited number of concurrent scans during the Order Term (the Unlimited Usage Model), to concurrently scan: (i) the same web application; or (ii) systems or sites that are not owned by You;
(ii) use any Self-Hosted Software (regardless of whether it is DAST Software or Pro Software) in a manner that exceeds any Activation limits specified in Your Order; or
(iii) use any Pro Software in connection with any continuous integration and/or continuous development pipelines.
(f) Subject to clauses 2.2 and 3.4, You shall not:
(i) provide or otherwise make available the Software in whole or in part (including but not limited to program listings, object and source program listings, object code and source code) in any form to any person other than Your employees, without Our prior written consent;
(ii) rent, lease, loan, translate, merge, adapt, vary or modify the Software or Documentation; or
(iii) make alterations to, or modifications of, the whole or any part of the Software, or permit the Software or any part of it to be combined with, or become incorporated in, any other programs.
(g) You shall not disassemble, decompile, reverse engineer or create derivative works based on the whole or any part of the Software, nor attempt to do any such thing except to the extent that, under applicable law, such actions cannot be prohibited because they are essential for the purpose of achieving inter-operability of the Software with another software program, and provided that the information obtained by You during such activities is:
(i) used only for the purpose of achieving inter-operability of the Software with another software program;
(ii) not unnecessarily disclosed or communicated to any third party without Our prior written consent; and
(iii) not used to create any software which is substantially similar to the Software.
(h) Unless expressly permitted by the terms of Your Order, You shall not copy the Software or the Documentation except where such copying is incidental to normal use of the Software, or necessary for the purpose of back-up or operational security. You further agree to include Our copyright notice on all entire and partial copies that You make of the Software or Documentation on any medium.
(i) Unless specifically authorised by Us in writing, You shall not use the Software as part of any automated service offering to third parties.
2.4 Our Ownership rights. You acknowledge that:
(a) all Intellectual Property Rights in the Software and the Documentation (and in all copies, modifications and derivative works of the Software and Documentation) belong to Us;
(b) You have no rights in, or to, the Software or the Documentation other than the right to use them in accordance with the Agreement;
(c) You have no right to have access to the Software in source code form; and
(d) the integrity of the Software is protected by technical protection measures (TPM) to prevent the misappropriation of Intellectual Property Rights within the Software, and You shall not attempt in any way to remove or circumvent any such TPM.
For the purposes of this EULA, Intellectual Property Rights means any and all patents, utility models, rights to inventions, copyright and related rights, trade marks and service marks, trade names and rights in domain names, rights in get-up, goodwill and the right to sue for passing off or unfair competition, rights in designs, rights in computer software, database rights, rights to preserve the confidentiality of information (including in Portswigger's case, its Confidential Information) and any other intellectual property rights, including all applications for (and rights to apply for and be granted) renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist, now or in the future, in any part of the world.
2.5 Third Party Software. The Software may include third-party technology (Third-Party Software). We may provide certain notices to You in the Documentation or other notifications in connection with such Third-Party Software. Third-Party Software will be licensed to You on the terms of this EULA or, if specified in the Documentation or other notifications, under separate terms required by the relevant third party. The provisions of Addendum C (AI Services and Third Party Software) shall apply in respect of Your use of the AI features of the Software.
2.6 Improving our products and services. You agree that We may use data You provide to us, or which We generate in connection with Your use of the Software, to develop new or improve our existing products and services (including the Software). We will ensure that any such use of Your data complies with our Data Processing Agreement, including in respect of anonymisation where applicable.
3 Placing Orders
DAST Software
3.1 To purchase a licence subscription for the DAST Software and subject to any applicable volume limitations as specified in Your Order:
(a) You will elect the package type, applicable subscription period, subscription model, charging model (including currency), payment method, and renewal terms via Our 'Sales Enquiry Form'; and
(b) following an email from Us confirming acceptance of Your Order, We will provide: (i) for Hosted Software, Your access instructions; or (ii) for Self-Hosted Software, Your login details together with download instructions for that Software and its licence key, ready for You to perform Activation.
Pro Software
3.2 To purchase a licence subscription for the Pro Software and subject to any applicable volume limitations as specified in Your Order:
(a) You will elect the applicable subscription period, subscription model, charging model (including currency), payment method, and renewal terms via Our 'Subscribe to Burp Suite Professional' form; and
(b) following an email from Us confirming acceptance of Your Order, We will provide Your login details together with download instructions for that Software and its licence key, ready for You to perform Activation.
3.3 Without prejudice to clauses 3.1 and 14.1, by accessing or downloading Software or by performing Activation, You confirm that You agree to the terms of the Agreement, which bind You and Your users.
3.4 Except as expressly set out in this EULA under clause 14.1 or under the applicable Order, no other cancellations of any Order are permitted.
4 Fees and payment
4.1 You will pay the Fees specified under Your Order, and any other amounts due under the Agreement, by the due date(s) and in the currency specified in Your Order.
4.2 If Your Commitment Term is for more than one year, Your Order will specify the Fees that are payable annually in advance for each year of the Commitment Term (Annual Fees). You will pay the first Annual Fees upfront (or otherwise in accordance with the terms of Your Order). You will pay subsequent Annual Fees in accordance with the payment terms set out in the relevant annual invoice, unless the Agreement is terminated before the expiry of the Committed Term in which case You must pay all Annual Fees for future year(s) of the Commitment Term immediately upon termination.
4.3 If You have elected any of Our subscription models that permit payment of the Fees on a 'pay as you go' basis per hour of usage of the licensed Software (Usage-Based Model), You acknowledge and agree that (notwithstanding any then-current usage-based Fees stated in Your Order), We may adjust such usage-based Fees in line with PortSwigger's internal policies from time to time (including during the Order Term).
4.4 Unless expressly stated otherwise in this EULA or an Order, all Fees (including Annual Fees in respective of any future year(s) within Your Commitment Term) are non-cancellable and non-refundable.
4.5 If Your payment is subject to any tax liability within any jurisdiction (for example, withholding tax) then You shall bear sole responsibility for meeting this liability, and no deductions must be made in the amount paid to Us. All Fee amounts stated in an Order will be exclusive of any applicable VAT or other sales taxes, applicable export and import fees, customs duties or similar charges, which will be payable by You in addition to the Fees. We do not accept liability for any tax liabilities that may arise from Your purchase of the Software or any associated services hereunder.
5 Support features and security flaws
5.1 Please make sure You have read and understood all Documentation provided by Us in respect of the relevant Software made available to You under an Order. You can find additional information on support features available for the Software in Addendum B (Support Features).
5.2 In particular, You acknowledge that the Software is designed to test for security flaws and can damage target systems due to the nature of its functionality. Testing for security flaws inherently involves interacting with targets in non-standard ways which can cause problems in some vulnerable targets. Before using the Software, You must read all the relevant Documentation and back up target systems. You must exercise due care when using the Software. If You use the Software on production or other systems, You hereby accept that there may be damage or loss of use in respect of such systems, or loss of or corruption to data. You should not use the Software on any systems where You do not accept such risk.
6 Customer obligations
6.1 You warrant that:
(a) You are not purchasing licences to the Software as a consumer but will be using the Software in Your business; and
(b) any users placing Orders for Software and/or accepting the terms of this EULA, an Order or Documentation are duly authorised by You to do so.
6.2 You shall obtain all necessary authorisations from system owners prior to using the Software or any Burp Apps, and implement additional security or technical measures as may be required by Us from to time to support such authorisation activities.
6.3 You shall keep confidential any credentials provided by Us enabling You to (as applicable) log in to Our server for the purposes of downloading the relevant Software and its licence key (including any product builds), performing Activation, creating Extensions to Self-Hosted Software, and/or accessing the Burp Collaborator Server or Hosted Software.
6.4 You shall keep all copies of any Self-Hosted Software secure, and maintain accurate and up-to-date records of the number of locations of all such copies of Self-Hosted Software.
6.5 You shall supervise and control use of the Software and ensure that the Software is used by Your employees and representatives in accordance with the terms of the Agreement. You shall be responsible for all liability claims, actions, or causes of action, together with Our legal costs in bringing the same, arising from or in connection with Your actions or the activities of Your employees, agents, or contractors under the Agreement.
7 PortSwigger obligations
7.1 Subject to clause 7.2, We warrant that for a period of 90 days from the date of Your purchase of Software (the Warranty Period), where the relevant Software is properly used on the computer(s) with the runtime environment for which it was designed as referred to in the Documentation and in accordance with the terms of the Agreement, the Software will perform substantially in accordance with the Documentation.
7.2 The warranty set out in clause 7.1 will not apply in respect of:
(a) any Software or features provided free of charge;
(b) Burp Apps;
(c) Burp Collaborator, other than as expressly described in the Documentation; or
(d) any Third-Party Software or other third-party features or services,
and We will not be responsible (under the warranty in clause 7.1 or otherwise) for any costs, expenses, loss or damage incurred by You where You have failed to replace Your current version of the Software with any updated or upgraded version or new release provided by Us to You (whether provided via the Software itself or through Your account with Us) as soon as reasonably practicable on receipt, and such costs, expenses, loss or damage would not have arisen but for such failure by You to replace and upgrade the relevant Software.
7.3 If, within the Warranty Period, You notify Us in writing of any failure of the Software to comply with such warranty, and such failure does not result from You or anyone acting on Your behalf having amended the Software or using it in breach of the Agreement, We will use commercially reasonable efforts to correct the issue to enable the Software to conform to the warranty at no additional cost to You. You will provide Us with a reasonable opportunity to remedy any breach, and make available information reasonably required to help Us to remedy the defect or fault, including sufficient information to enable Us to recreate the issue. If We are unable to do so within a reasonable period of time, either party will be entitled to terminate the applicable Order on 30 days' written notice to the other party, whereupon We will refund the Fees paid by You on a pro rata basis to reflect Your use of the Software prior to such termination and You will not be obliged to pay any further Annual Fees for the remainder of Your Commitment Term, provided that where You elect to exercise this right You must do so on written notice to Us, to be received no later than 60 days after Our commencing steps to seek to remedy the breach. The remedies in this clause 7.3 are the sole and exclusive remedies for Our failure to comply with the warranty in clause 7.1.
7.4 The Agreement sets out the full extent of Our obligations and liabilities to You in respect of the supply of the Software and Burp Apps. No other conditions, warranties, representations or other terms, express or implied, shall be binding on Us except as specifically stated in the Agreement. Any condition, warranty, representation or other term concerning the supply of the Software and Burp Apps which might otherwise be implied into, or incorporated in, the Agreement or any collateral contract, whether by statute, common law or otherwise, is hereby excluded to the fullest extent permitted by law.
8 Compliance with laws
Each party acknowledges that the export, re-export, deemed export, and import of the Software and Documentation by You and Us is subject to certain laws, rules, executive orders, directives, arrangements, and regulations of the United Kingdom, United States and other countries. Each party agrees to comply with all applicable laws with respect to the exportation, importation and use of the Software and Documentation.
9 Confidentiality
9.1 For the purposes of the Agreement, Confidential Information includes:
(a) the existence and terms of the Agreement;
(b) any information of the disclosing party that a reasonable person would regard as confidential relating to the disclosing party's (i) business, assets, affairs, customers, suppliers or market opportunities, or (ii) operations, processes, product information, know-how, designs, trade secrets or software;
(c) any personal data disclosed by a party pursuant to, or information disclosed by a party to demonstrate its compliance with, the PortSwigger 'Data Processing Agreement' and PortSwigger 'Privacy Notice' in connection with the activities described in clause 10;
(d) in Portswigger's case, any credentials provided by Us pursuant to clause 6.3 or information developed in the course of performing Our obligations under the Agreement (subject to clause (e)); and
(e) in Your case (to the extent applicable), any Extensions created by You in accordance with paragraph 4, or any of Your Data provided in accordance with paragraph 5, of Addendum B (Support and Features),
but for the avoidance of doubt Confidential Information does not include any information which:
(f) is or becomes generally available to the public (other than as a result of its disclosure by the receiving party or its representatives in breach of this clause 9);
(g) was available to the receiving party on a non-confidential basis before disclosure by the disclosing party;
(h) was, is or becomes available to the receiving party on a non-confidential basis from a person who, to the receiving party's knowledge, is not bound by a confidentiality agreement with the disclosing party or otherwise prohibited from disclosing the information to the receiving party; or
(i) is developed by or for the receiving party independently of the information disclosed by the disclosing party.
9.2 During the term of the Agreement and for a period of 2 years thereafter, each party will keep the other party's Confidential Information strictly confidential and will not use or disclose such Confidential Information other than for the purposes of the proper performance of the Agreement, or with the prior written consent of the other party, provided that a party shall be entitled to disclose the other party's Confidential Information:
(a) to its employees, officers, representatives and professional advisors (including, in Your case, Your Personnel) who need to know such Confidential Information and have committed themselves to equivalent written obligations of confidentiality or are under an appropriate statutory obligation of confidentiality; or
(b) to the extent that such disclosure is required to be disclosed under any applicable law, or by order of a court or governmental body or authority of competent jurisdiction.
9.3 By entering into the Agreement and unless You notify Us otherwise in writing, You agree that We may refer to You as one of Our customers internally and in externally published media and, where relevant, You consent to the use of Your logo(s) for this purpose. Without prejudice to the foregoing, neither party shall make, or permit any person to make, any other public announcement concerning the Agreement without the prior written consent of the other party, except as required by law, any governmental or regulatory authority (including any relevant securities exchange), any court or any other authority of competent jurisdiction.
10 Data protection
10.1 We may process personal data in connection with the provision of the Software pursuant to the PortSwigger 'Data Processing Agreement' (accessible here: PortSwigger Data Processing Agreement).
10.2 Processing by Us for the purposes of performing Our internal analytics, customer support and troubleshooting functions shall be carried out pursuant to the PortSwigger 'Privacy Notice' (accessible here: Privacy notice - PortSwigger).
10.3 You are responsible for ensuring You have appropriate measures in place to minimise the personal data disclosed to Us, and that You have complied with Your obligations under applicable data protection laws.
11 Use of AI
11.1 To ensure the Software continues to improve and develop, it includes certain AI features. In this Agreement:
AI means any system, software, or technology that demonstrates the ability to perceive its environment, process data or stimuli, reason, learn from and adapt to experiences, and make decisions or take actions that would otherwise require human intelligence, including (but not limited to) machine learning, algorithms, neural networks, speech and natural language processing, computer vision, robotics and autonomous systems. Such systems, software, or technology may operate autonomously or with varying degrees of human input and control.
11.2 Without prejudice to clause 2.5, from time to time Software made available to You by Us pursuant to an Order may include or involve the use of certain AI , which shall be subject to the terms of Addendum C (AI Services and Third Party Software). Your use of the Software and AI Services shall at all times be subject to Your compliance with any Acceptable Use Policy we have in place from time to time.
11.3 You acknowledge that all intellectual property rights in the trained AI model and all modifications made to it (Model), whether created by Us or You, as between You and Us, belong to Us.
11.4 We shall not disclose or transfer Your data to any third party other than our AI Partners (as defined in Addendum C), except as required by law or with Your explicit consent.
11.5 In the event that it becomes apparent to Us that the AI solution, may cause harm to its users, We may initiate a shutdown of the AI solution. In the case of any such shutdown, We will provide You with updates as to the possible duration of the shutdown and when it may end. We accept no liability or responsibility to You, for any losses You may suffer, where We shutdown the Software under this clause.
12 Indemnity for third party claims relating to infringement of Intellectual Property Rights
12.1 We will defend You against any claim, demand, suit or proceeding made or brought against You by a third party alleging that any Software infringes or misappropriates such third party's Intellectual Property Rights (Claim). We will indemnify You in respect of any direct damages finally awarded against You as a result (or for amounts paid by You under a settlement which has been approved by Us in writing) of a Claim, provided that in each case You promptly give Us: (i) written notice of the Claim; (ii) at Our option, sole control of the defence and settlement of the Claim; and (iii) at Our request and expense, all reasonable assistance needed in connection with the Claim.
12.2 If We receive information about a Claim, We may in Our discretion and at no cost to You: (i) modify the Software so that it is no longer claimed to infringe or misappropriate; (ii) obtain a licence for Your continued use of the Software in accordance with the Agreement; or (iii) terminate the Agreement by giving You 30 days' written notice, in which case We will refund to You any pre-paid Fees covering the remainder of the terminated Commitment Term and You will not be obliged to pay any further Annual Fees for the remainder of Your Commitment Term.
12.3 The defence and indemnification obligations in this clause 12 do not apply where: (i) the allegation does not state with specificity that the Software is the basis of the Claim; (ii) a Claim arises from the use or combination of the Software or any part thereof with software, hardware, data, or processes not provided by Us, if the Software or use thereof would not infringe without such combination; (iii) a Claim arises from Software provided free of charge; (iv) a Claim arises from Your or a third party's materials or application; or (v) a Claim arises from Your breach of the Agreement. The provisions of this clause 12 set out Our sole financial liability to You, and Your sole and exclusive financial remedy, in respect of any Claim.
13 Limitations on liability
13.1 SUBJECT TO CLAUSES 13.2, 13.3 AND 13.4, EACH PARTY'S MAXIMUM AGGREGATE LIABILITY UNDER OR IN CONNECTION WITH THE AGREEMENT (WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE) OR OTHERWISE) TO THE OTHER PARTY, SHALL IN EACH YEAR OF THE APPLICABLE ORDER TERM BE LIMITED TO THE TOTAL FEES PAID BY YOU IN RESPECT OF THAT YEAR FOR THE SOFTWARE GIVING RISE TO THE CLAIM.
13.2 THE LIABILITY CAP IN CLAUSE 13.1 SHALL NOT APPLY TO: (I) OUR LIABILITY UNDER THE INDEMNITY SET OUT IN CLAUSE 12.1 (SUBJECT TO YOUR COMPLIANCE WITH THE REQUIREMENTS OF THE REMAINDER OF CLAUSE 12); (II) YOUR LIABILITY UNDER THE INDEMNITY IN ADDENDUM C (WHERE ADDENDUM C IS APPLICABLE); AND (III) EACH PARTY'S LIABILITY IN RESPECT OF ANY BREACH OF ITS OBLIGATIONS UNDER CLAUSE 9.
13.3 SUBJECT TO CLAUSE 13.4, NEITHER PARTY SHALL BE LIABLE FOR ANY: (I) LOSS OF PROFITS, LOSS OF ANTICIPATED SAVINGS, LOSS OF, DAMAGE TO OR CORRUPTION OF SOFTWARE OR DATA, LOSS OF GOODWILL OR REPUTATION; OR (II) INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR PUNITIVE LOSS OR DAMAGE OF ANY KIND SUFFERED BY THE OTHER PARTY, IN EACH CASE HOWEVER ARISING AND EVEN IF THE OTHER PARTY KNEW OR SHOULD HAVE KNOWN THAT SUCH LOSS OR DAMAGE WAS POSSIBLE.
13.4 NOTHING IN THE AGREEMENT SHALL LIMIT OR EXCLUDE: (I) YOUR OBLIGATION TO PAY FEES; (II) YOUR LIABILITY IN RESPECT OF ANY BREACH OF CLAUSE 2; (III) THE LIABILITY OF EITHER PARTY FOR WILFUL MISCONDUCT; OR (IV) THE LIABILITY OF EITHER PARTY FOR ANY LIABILITY THAT CANNOT BE LIMITED OR EXCLUDED BY LAW.
13.5 YOU AGREE THAT: (I) THE SOFTWARE AND ANY BURP APPS ARE PROVIDED ON AN "AS IS" BASIS AND HAVE NOT BEEN DEVELOPED TO MEET YOUR INDIVIDUAL REQUIREMENTS; (II) THE SOFTWARE AND ANY BURP APPS MAY NOT BE FREE OF BUGS OR ERRORS, AND MINOR ERRORS SHALL NOT CONSTITUTE A BREACH OF THE LICENCE; AND (III) IT IS YOUR RESPONSIBILITY TO ENSURE THE NATURE AND FUNCTIONALITY OF THE SOFTWARE AND ANY BURP APP (AS DESCRIBED IN THE APPLICABLE DOCUMENTATION) MEET YOUR REQUIREMENTS. NO WARRANTY IS MADE BY US ON THE BASIS OF TRADE USAGE, COURSE OF DEALING OR COURSE OF TRADE. WE DO NOT WARRANT THAT THE SOFTWARE OR SERVICES WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT ALL ERRORS WILL BE CORRECTED.
13.6 THE EXCLUSIONS AND LIMITATIONS SET FORTH IN THIS CLAUSE 13 REPRESENT A FAIR ALLOCATION OF THE RISKS BASED ON THE FEES WE CHARGE FOR THE SOFTWARE AND SERVICES, AND APPLY EVEN IF AN EXCLUSIVE OR LIMITED REMEDY STATED HEREIN FAILS OF ITS ESSENTIAL PURPOSE.
14 Termination and suspension rights
14.1 Either party may terminate the Agreement with immediate effect by giving written notice to the other party, if that other party (or in Your case, any of Your users) commits a material or persistent breach of the Agreement (including in Your case, any failure to make any payment due to Us by its due date), and which the breaching party fails to remedy (if remediable) within 14 days after the service of written notice requiring the breaching party to do so.
14.2 Without prejudice to clause 14.1, We shall be entitled to temporarily suspend Your usage of certain features of the Software (including scanning):
(a) where You have failed to pay any Fees by the relevant due date, until such time as all amounts due are paid in full;
(b) where Your licence subscription is purchased on a Usage-Based Model, and:
(i) Your usage of the Software in any given usage period reaches or exceeds the usage limits applied by You in Your account (unless You increase the relevant usage limit); or
(ii) any unpaid usage of the Software exceeds the usage limits applied by Us; or
(c) You use the Software in breach of clause 2.3 (and/or to the extent applicable, the terms of Addendum C).
14.3 Upon expiry or termination for any reason:
(a) all rights granted to You under the Agreement shall cease and, save as set out in the remainder of this clause 14.3, You must cease using the Software;
(b) in the case of Hosted Software and subject to clause 14.1 and the Data Processing Agreement, You shall have 30 days prior to expiry or termination of the Agreement to export or delete Your data from the Hosted Software before such data is deleted by Us;
(c) in the case of Self-Hosted Software, You must immediately delete or remove the Self-Hosted Software and any Burp Apps from all computer equipment in Your possession, and (at Our option) immediately destroy or return to Us all copies of the Self-Hosted Software and Burp Apps then in Your possession (and, in the case of destruction, certify to Us that You have done so); and
(d) unless expressly stated otherwise in this EULA, You must immediately pay to Us any sums due to Us under the Agreement (including all Annual Fees in respective of any future year(s) within the Commitment Term).
15 General
15.1 Notices. We may give notices to You at the e-mail, account or postal address details that You provide to Us in Your Order. You may update these details at any time by giving notice to Us. You may give notices to Us at the applicable details specified in clause 1.5. Notices will be deemed received and properly served: (i) immediately when posted on Our website; (ii) after 24 hours when sent by e-mail; or (iii) 3 days after the date of posting when sent by post. In proving the service of any notice, it will be sufficient to prove, in the case of a letter, that such letter was properly addressed, stamped and placed in the post and, in the case of an e-mail, that such e-mail was sent to the specified e-mail address of the addressee.
15.2 Force majeure. Neither party shall be liable for any delay or failure in the performance of its obligations for so long as and to the extent that such delay or failure results from events, circumstances or causes beyond its reasonable control, and provided that the affected party continues to use all commercially reasonable efforts to resume compliant performance.
15.3 Variations to the Agreement.
(a) Variations by PortSwigger. We may vary the terms of this EULA and any the Documentation from time to time by notifying You by any reasonable means (which may include email correspondence).
(b) Variations to Orders. Any variation to the express terms specified in an Order, whether proposed by You or Us, must be agreed in writing by duly authorised representatives of both parties.
(c) Where You have an existing Order and We introduce new features relating to the Software licensed to you under that Order, We will notify You and any specific terms applicable to those new features will be added as an addendum to the applicable EULA and form part of the Agreement. You will be responsible for ensuring You comply with any updated versions of the EULA and Documentation as notified to You by email or made available on Our website, and all new Orders will be subject to the latest versions of the EULA and Documentation.
15.4 Waiver. If either party fails, at any time during the term of the Agreement, to insist upon strict performance of any of the other party's obligations under the Agreement, or if either party fails to exercise any of the rights or remedies to which it is entitled under the Agreement, this shall not constitute a waiver of such rights or remedies and shall not relieve the other party from compliance with such obligations. A waiver by either party of any default shall not constitute a waiver of any subsequent default. No waiver by either party of any of the provisions of the Agreement shall be effective unless it is expressly stated to be a waiver and is communicated to the other party in writing.
15.5 Severability. If any of the terms of the Agreement are determined by any competent authority to be invalid, unlawful or unenforceable to any extent, such term, condition or provision will to that extent be severed from the remaining terms, conditions and provisions, which will continue to be valid to the fullest extent permitted by law.
15.6 Entire agreement. The Agreement represents the entire agreement between You and Us in relation to the licensing of the Software, Documentation and any Burp Apps, and supersedes any prior agreement, understanding or arrangement between Us, whether oral or in writing. Each party acknowledges that, in entering into the Agreement, it has not relied on any representation, undertaking or promise given by the other party or implied from anything said or written in negotiations between the parties prior to entering into the Agreement except as expressly stated therein. Neither party shall have any remedy in respect of any untrue statement made by the other party, whether orally or in writing, prior to the date on which the parties entered into the Agreement (unless such untrue statement was made fraudulently) and the other party's only remedy shall be for breach of contract as provided in this EULA.
15.7 No partnership or agency. Nothing in the Agreement is intended, or shall be deemed, to establish any partnership or joint venture between the parties, constitute any party the agent of another party, or authorise a party to make or enter into any commitments for or on behalf of the other party. Each party confirms it is acting on its own behalf and not for the benefit of any other person.
Addendum A - Reseller Terms
1 Reseller Terms
1.1 You shall be entitled to resell licence subscriptions for the Software, provided that:
(a) You have purchased the Software directly from Us;
(b) You shall procure that the purchaser is bound by the terms of the Agreement for Our benefit, with an ability for Us to enforce such terms against the purchaser directly; and
(c) You will indemnify Us against all costs (including reasonable legal costs), charges and expenses incurred by Us as a result of Your failure to comply with the foregoing provisions of this paragraph 1.1 and/or the resale by You of the licence subscription for the Software to the purchaser.
1.2 You will carry out appropriate due diligence in respect of any third party to whom the Software may be re-sold, re-supplied or re-transferred with Our prior written consent, provided that You shall not re-sell, re-supply or re-transfer the Software to any party that is specifically designated on any list of sanctioned individuals or entities maintained by the United Kingdom, European Union, or United States (or owned or controlled by any party that is specifically designated on such a list, or acting for or on behalf of any party that is specifically designated on such a list).
Addendum B - Support and Features
1 Support, upgrades and availability
1.1 The accessing of Hosted Software or downloading of a licence for Self-Hosted Software may entitle You to free product support provided via Our support centre portal on Our website, at Our sole discretion. Such support will be subject to any support conditions, guidance or FAQs available on https://support.portswigger.net/, as may be updated by Us from time to time.
1.2 If licences to new releases of the Software are offered for sale to Our customers generally, these may be made available free of charge to You for the duration of the Agreement, provided that You enter into new licensing terms in respect of such new release on such terms as may be notified to You by Us at that time pursuant to clause 15.3(c). If no such new licence terms are notified to You, the terms of this EULA shall continue to apply in respect of Your use of the relevant new release.
1.3 We will use reasonable endeavours to ensure that Hosted Software is available at all times, subject to any scheduled maintenance windows or unscheduled downtime in the event of emergencies or circumstances that are outside of Our reasonable control.
2 Burp Collaborator
2.1 We have developed Burp Collaborator, which is a component of the Software's automated and manual testing tools available in respect of the DAST Software and Pro Software. The terms of this paragraph 2 shall only apply in respect of that component of the Software.
2.2 Burp Collaborator involves You deploying a system on the public web (the Burp Collaborator Server) which acts as the recipient of third-system interactions that may be triggered by payloads that the Software sends to target systems enabling the detection of certain types of vulnerability. If Burp Collaborator applies to the version of the Software that You have downloaded (in the case of Self-Hosted Software) or accessed (in the case of Hosted Software), a description of the functionality of Burp Collaborator will be set out in the Documentation.
2.3 The functionality of Burp Collaborator gives rise to certain risks that require Your careful consideration before Your use, as described in the Documentation. By utilising any features of the Software that may cause interaction with Burp Collaborator, You will be deemed to have read the relevant Documentation and fully understood and accepted Burp Collaborator's functionality and the associated risks for Your organisation. We consider Burp Collaborator to be efficacious in identifying vulnerabilities of the target website in connection with third-system interactions, but You must make Your own evaluation before using the Burp Collaborator Server in any of the alternative manners set out in the Documentation.
2.4 If You are permitted by Us to use the Burp Collaborator Server as part of a bespoke consultancy permitted under an Order, You warrant to Us that Your client has: (i) read the relevant Documentation; (ii) fully understood and accepted Burp Collaborator's functionality and the associated risks for its organisation; and (iii) instructed You to use the Burp Collaborator Server.
3 Burp Infiltrator
3.1 We have developed Burp Infiltrator, which is a component of the Software for instrumenting deployed applications to facilitate testing using the DAST Software and Pro Software. The terms of this paragraph 3 shall only apply in respect of that component of the Software.
3.2 Burp Infiltrator involves You deploying or procuring deployment of the Burp Infiltrator component within the target system, which enhances the ability of the Software to detect certain types of vulnerability. If Burp Infiltrator applies to the version of the Software that You have downloaded (in the case of Self-Hosted Software), a description of the functionality of Burp Infiltrator will be set out in the Documentation. The Burp Infiltrator feature is not available in respect of the Hosted Software.
3.3 The functionality of Burp Infiltrator gives rise to certain risks that require Your careful consideration before Your use, as described in the Documentation. By utilising any features of the Software that may cause interaction with Burp Infiltrator, You will be deemed to have read the relevant Documentation, fully understood and accepted Burp Infiltrator's functionality and the associated risks for Your organisation. We consider Burp Infiltrator to be efficacious in helping to identify vulnerabilities of the target website, but You must make Your own evaluation before utilising Burp Infiltrator in the manner set out in the Documentation.
3.4 If You are permitted by Us to use Burp Infiltrator as part of a bespoke consultancy permitted under an Order, You warrant to Us that Your client has: (i) read the relevant Documentation; (ii) fully understood and accepted Burp Infiltrator's functionality and the associated risks for its organisation; and (iii) instructed You to use Burp Infiltrator.
4 Extensions
4.1 You may create (or procure and approve the creation on Your behalf of) programming additions to the Self-Hosted Software, using any of the official application programming interfaces made available by Us, as further described within the applicable Documentation (Burp Suite's Official APIs) to either: (i) extend the functionality of the Self-Hosted Software; or (ii) enable the Self-Hosted Software to inter-operate with other software, but not to copy, clone, reproduce or emulate any existing feature of any Software produced by Us (such programming additions being Extensions). For the avoidance of doubt, You may not make any Extensions to the Hosted Software.
4.2 Subject to clause 2.4(a), Extensions created for Your own or Your client's use pursuant to paragraph 4.1 will be considered Your Confidential Information.
4.3 If You share an Extension with a third party that is neither Your Affiliate nor Your client for whom the Extension was created, then You shall promptly notify Us and provide Us with a copy of such Extension.
4.4 You agree that We shall be entitled at Our sole discretion to: (i) use the Extension and adopt it as a 'Burp Suite' application (Burp App); or (ii) make the Extension part of the Software, and in such case make it available to Our other customers.
4.5 We have established the 'Burp App Store' product feature, where Burp Apps are described and may be downloaded without charge for use as an Extension. All Extensions and Burp Apps shall remain the property of the relevant author but, by creating an Extension, the relevant author grants an irrevocable, worldwide, perpetual, non-exclusive licence free of charge to Us to incorporate such Extension into the Software and to use, copy, modify and adapt it for any purpose at Our option, together with an irrevocable, perpetual, non-exclusive licence to all third party licensees who download the Burp App from the Burp App Store to use the Extension free of charge. If, at Our sole option, We incorporate an Extension into the Software, a notice will be placed on the 'Burp App Store' to that effect.
4.6 We shall be entitled, without incurring any liability or needing to give notice to You, to disable any Burp App being used by You where We consider in Our sole discretion that it is necessary to do so for operational, security or quality reasons.
Addendum C - AI Services and Third Party Software
1 General
1.1 From time to time, Software made available to You by Us pursuant to an Order may include or involve the use of certain Third-Party Software, including in particular the following AI services:
(a) Anthropic's API keys and any other Anthropic offerings, including Anthropic's related tools, documentation and services;
(b) OpenAI's services for businesses, enterprises, or developers, including OpenAI's associated software, tools, developer services, documentation, and websites; and
(c) any other AI products and services provided by Our other third-party providers,
all such services together being the AI Services and such third-parties together being Our AI Partners.
1.2 You and Your users may only use the relevant AI Services during an Order Term in compliance with:
(a) this Agreement; and
(b) the relevant Third-Party Software terms as We notify to You, including:
(i) Anthropic's Commercial Terms of Service, Service Specific Terms and Policies. The Anthropic Terms are available at https://www.anthropic.com/legal/commercial-terms or as otherwise notified to You from time to time; and
(ii) OpenAI's Services Agreement, Service Specific Terms and Policies. The OpenAI Terms are available at https://www.anthropic.com/legal/commercial-terms or as otherwise notified to You from time to time,
each as updated from time to time, and such terms being the AI Partner Terms and provided You agree to cooperate with any reasonable requests for information from Us and the relevant AI Partner to support compliance with such terms and policies, including to verify Your identity and use of the relevant AI Services.
1.3 If You provide Us with any feedback regarding the AI Services, You agree that We may use such feedback without any further obligations to You.
2 AI Services
2.1 You acknowledge and agree that:
(a) Our AI Services may be periodically updated at the discretion of Us and/or Our AI Partner(s), which may in turn impact the AI Services. We reserve the right, in Our sole discretion, to withdraw the AI Services from the Software, following any such update;
(b) whilst We will use Our reasonable efforts to make the AI Services available, we cannot guarantee their availability. We are not responsible for, nor are we liable for Your Use of the AI Services to the extent they incorporate Third Party Software, which is used at Your own risk; and
(c) You may provide inputs into the AI Services (Inputs) and receive outputs based on such Inputs (Outputs), which, as between You and Us, belong to You. You are responsible for all Inputs and represent and warrant that You have all rights, licences and permissions required to provide Inputs to the AI Services.
(d) You are solely responsible for all use of the Outputs and for evaluating the accuracy and appropriateness of Output for Your use case, including where human review is appropriate, before using or sharing Outputs. You acknowledge, and must notify your users, that factual assertions in Outputs should not be relied upon without independently checking their accuracy, as they may be false, incomplete misleading or not reflective of recent events or information.
2.2 Without prejudice to clause 2.3 of the EULA, You will not permit any of Your individual users to:
(a) use the AI Services (or use any Inputs or Outputs) in a way that violates the relevant AI Partner Terms; or
(b) use the AI Services or any Outputs to develop artificial intelligence models that compete with the AI Services and/or Our AI Partners' products and services.
2.3 You and Your users may not access or offer access to the AI Services outside of the countries and territories for which Our AI Partners support access to as set out in the relevant AI Partner Terms each as may be updated from time to time. A violation of this paragraph 2.3 may result in a suspension of the AI Services pursuant to paragraph 2.6).
2.4 You agree not to use the AI Services to create, receive, maintain, transmit, or otherwise process Protected Health Information (as defined under the HIPAA Privacy Rule (45 C.F.R. Section 160.103)), unless You have agreed this with Us in advance in writing. NOTWITHSTANDING THE FOREGOING, YOU ACKNOWLEDGE THE AI SERVICES ARE NOT DESIGNED FOR PROCESSING PROTECTED HEALTH INFORMATION AND YOU MAY NOT USE THE SERVICES TO STORE, TRANSMIT, OR PROCESS THIS INFORMATION.
2.5 Without prejudice to clause 14.2 of the EULA, We may additionally limit or suspend Your access to or usage of the AI Services features of the Software where:
(a) required to do so by applicable law or would result in a material increase in the cost of providing the Services;
(b) You violate this Agreement or the relevant AI Partner Terms;
(c) We are requested or required to do so by an AI Partner(s), or an AI Partner has limited or suspended Our use of the AI Services;
(d) We reasonably believe or determine that there is a risk to or an attack on any of the Services;
(e) doing so is necessary to prevent or terminate any use of the AI Services by Your or Your individual user that could reasonably result in a security risk, credible risk of harm, infringement of third-party rights, or in liability to Us, the AI Services, Our AI Partners or a third party (Security Emergency).
We will use reasonable efforts to: (i) notify You before limiting or suspending the AI Services in such cases (but may do so without prior notice to the extent reasonably necessary); (ii) cooperate with You to promptly restore access to the AI Services once resolution of the condition requiring suspension has been verified. We will have no liability for any damage, liabilities, losses (including any loss of data or profits), or any other consequences that You may incur because of any suspension under this paragraph.
2.6 THE AI SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND. TO THE EXTENT PERMITTED BY LAW, EXCEPT AS EXPRESSLY STATED IN THIS AGREEMENT, PORTSWIGGER AND ITS AFFILIATES AND LICENSORS MAKE NO WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE (INCLUDING COURSE OF DEALING OR PERFORMANCE, OR TRADE USE), INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR USE, OR NON-INFRINGEMENT IN RESPECT OF THE AI SERVICES OR THAT THEY ARE ACCURATE, COMPLETE OR ERROR-FREE OR THAT THEIR USE WILL BE UNINTERRUPTED. PORTSWIGGER MAKES NO REPRESENTATION, WARRANTY OR GUARANTEE THAT AI SERVICES WILL MEET YOUR REQUIREMENTS OR EXPECTATIONS, THAT THE INPUTS AND OUTPUTS WILL BE ACCURATE, THAT DEFECTS WILL BE CORRECTED, OR REGARDING ANY THIRD-PARTY SERVICES. PORTSWIGGER WILL NOT BE RESPONSIBLE NOR LIABLE FOR ANY INPUTS OR OUTPUTS, THIRD-PARTY SERVICES, THIRD-PARTY CONTENT, OR NON-AI SERVICES (INCLUDING FOR ANY DELAYS, INTERRUPTIONS, TRANSMISSION ERRORS, SECURITY FAILURES, AND OTHER PROBLEMS CAUSED BY THESE ITEMS). REFERENCES TO A THIRD PARTY IN THE OUTPUTS MAY NOT MEAN THEY ENDORSE OR ARE OTHERWISE WORKING WITH US OR ANY OF OUR LICENSORS.
2.7 Notwithstanding and without prejudice to the other terms of this Agreement, You acknowledge and agree that, to the extent the AI Services include Beta Services (i.e. services or features identified as alpha, beta, preview, early access, or evaluation, or words or phrases with similar meanings):
(a) You may choose to use the Beta Services in connection with the Software at Your sole discretion;
(b) Beta Services may not be supported and may be changed at any time without notice;
(c) Beta Services may not be as reliable or available as the Software or AI Services;
(d) Beta Services have not been subjected to the same security measures and auditing as the AI Services; and
(e) PORTSWIGGER WILL HAVE NO LIABILITY ARISING OUT OF OR IN CONNECTION WITH BETA SERVICES, WHICH ARE TO BE USED AT YOUR OWN RISK.
2.8 You agree to indemnify, defend, and hold Portswigger and its Affiliates and licensors harmless against any liabilities, damages, and costs (including reasonable attorneys' fees) payable to a third party arising out of any claims relating to Your use of AI Services:
(a) in violation of this Agreement or the relevant AI Partner Terms;
(b) in respect of Your applications; or
(c) in respect of Your Inputs and Outputs.
Zero Data Retention offered by AI Partners
2.9 You acknowledge and agree that where We implement Zero Data Retention with Our AI Partners:
(a) Zero Data Retention means Our AI Partners' zero data retention approach whereby the Inputs and Outputs (i) will not be logged for human review and (ii) will not be saved to disk or retained;
(b) We will implement Zero Data Retention with our AI Partners for all 'Approved Use Cases' whose endpoints are eligible for Zero Data Retention, in accordance with Our AI Partners' guidance;
(c) notwithstanding the forgoing, We and Our AI Partners may perform automated screening of Inputs and Outputs for safety purposes, which shall consist solely of metadata (including classifier types, dates, counts and confidence scores) but excludes the Inputs and Outputs themselves (or summaries/portions of these) (Safety Classifiers), and We and Our AI Partners may retain these Safety Classifiers;
(d) Zero Data Retention will only be active once We indicate that Zero Data Retention is activated in the relevant account;
(e) Zero Data Retention may only be used for Approved Use Cases, and each use case must be submitted by You separately to Us for review and approval. If an Approved Use Case changes in scope, including with respect to its intended authorised users, task being performed, or the monitoring or control of such use case, then You must inform Us and submit the updated use case for review and approval. You are responsible for ensuring all Zero Data Retention traffic is directed to the 'Org IDs' (as specified in Your relevant account) that (i) have been approved for Zero Data Retention and (ii) state that Zero Data Retention has been activated; and
(f) in the event the Safety Classifiers indicate persistent or material violations of law or Our AI Partner's policies, or We or Our AI Partner reasonably suspects that You are in violation of the terms of this Agreement, We may suspend or revoke approval for Zero Data Retention upon notice to You, suspend Your access to the Services, or take other action in Our sole discretion.
2.10 The 'Approved Use Cases' means the following exhaustive list of Low Risk Use Cases, which may be updated from time to time by Us;
(a) Internal Use: Any use of the AI Services for Your internal operational purposes or internal development purposes, provided that such functionality shall only be made available to Your personnel and contractors who are authorised by You to have access to Your systems.
(b) Summarisation: Use of the Services for summarisation from trusted source documents such as internal company documentation, but not as an open-ended summariser without reference to trusted source documents. Examples include summarisation of call centre transcripts, technical reports, and product reviews.
(c) Reasoning over structured and unstructured data: Use of the AI Services to analyse inputs using classification, sentiment analysis of text, or entity extraction. Examples include analysing product feedback sentiment, analysing support calls and transcripts, and refining text-based search with embeddings.
(d) Search: Use of the AI Services to search trusted source documents such as internal company documentation provided that the application does not generate results ungrounded in trusted source documentation.
(e) Question-answering: Use of the AI Services to ask questions and receive answers from trusted source documents such as internal company documentation, provided that the application does not generate answers ungrounded in trusted source documentation.
2.11 High Risk Use Cases include all uses not expressly set forth as a Low Risk Use Case in paragraph 2.11 above. You acknowledge that We may approve or deny High Risk Use Cases in Our sole discretion, and if We approve a High Risk Use Case, You agree to cooperate in good faith with Us and Our AI Partners to reduce the risks related to such use cases.
Research
Academy
My account
Customers
About
Blog
Careers
Legal
Contact
Resellers
Attack surface visibility
Improve security posture, prioritize manual testing, free up time.
CI-driven scanning
More proactive security - find and fix vulnerabilities earlier.
Application security testing
See how our software enables the world to secure the web.
DevSecOps
Catch critical bugs; ship more secure software, more quickly.
Penetration testing
Accelerate penetration testing - find more bugs, more quickly.
Automated scanning
Scale dynamic scanning. Reduce risk. Save time/money.
Bug bounty hunting
Level up your hacking and earn more bug bounties.
Compliance
Enhance security monitoring to comply with confidence.
View all solutions
Support Center
Get help and advice from our experts on all things Burp.
Documentation
Tutorials and guides for Burp Suite.
Get Started - Professional
Get started with Burp Suite Professional.
Get Started - Enterprise
Get started with Burp Suite Enterprise Edition.
User Forum
Get your questions answered in the User Forum.
Downloads
Download the latest version of Burp Suite.
Visit the Support Center